Management of MPLS-based VPNs

Management of MPLS-based VPNs
Youngtak Kim Advanced Networking Technology Lab. (ANTL) Dept. of Information & Communication Engineering, Yeungnam University, Korea

Outline This tutorial goes through …
Framework of MPLS-based VPNs: L3VPN, L2VPN, VPLS Traffic Engineering based on DiffServ-aware-(G)MPLS Management Framework of MPLS Network, MPLS MIBs MPLS OAM for the Management of MPLS-based VPNs Commercial MPLS-VPN Management Systems: Cisco VPN Solution, SheerBOS, Wandl’s IP/MPLSview Experiences in the design and implementation of a Management System for DiffServ-aware-MPLS (DoumiMan) Conclusions and Discussions The tutorial will present the detailed issues of traffic engineering for next generation internet with following steps. (1) First the networking model and overall goals of traffic engineering will be introduced. (2) And, the basic concepts of DiffServ and MPLS will be covered, followed by the integrated traffic engineering concepts based on DiffServ-aware-MPLS. (3) We will discuss on the Internet traffic engineering measurements, performance monitoring and Fault restorations. (4) We will also analyze the availability of Diffserv-aware-MPLS Traffic engineering from the commercial routers, such as Cisco routers. (5) Finally, we will make conclusion, with some additional questions and discussions. If you have any questions, please fill free to make questions during the tutorial.

Framework of MPLS-based VPNs

VPN (Virtual Private Network)
What is VPN (Virtual Private Network) ? Definition of VPN in RFC 2764 (A Framework for IP Based Virtual Private Networks) : “VPN is an Emulation of a private wide area network (WAN) facility using IP facilities (including the public Internet or private IP backbones).” CPE-based VPN Network-based VPN General Requirements of VPNs Opaque packet transport Data Security Quality of Service Guarantees Tunneling Mechanism

VPN Types Types of IP based Virtual Private Networks (RFC 2764)
Virtual Leased Lines (VLL) Virtual Private Dial Network (VPDN) Virtual Private Routed Network (VPRN) Virtual Private LAN Segment (VPLS)

VPN Types (1): VLL Virtual Leased Lines (VLL)
Point-to-point link provided to a customer, connecting two CPE devices the link layer type used to connect the CPE devices to the ISP nodes can be any link layer type: e.g. ATM VCC, Frame Relay circuit ISP tunnel between two edge ISP nodes CPE ISP edge node IP Tunnel IP backbone network ATM VCC

VPN Types (2): VPDN Virtual Private Dial Network (VPDN)
allows a remote user to connect on demand through an ad hoc tunnel into another site; the user is connected to a public IP network via a dial-up PSTN or ISDN Layer 2 Tunneling Protocols (L2TP) PPP session on the dial-up connection and L2TP tunnel Host Corp. Network NAS (Network LAC LNS IP Backbone Network Gateway dialup connection L2TP Tunnel PPP Session

VPN Types (3): VPRN Virtual Private Routed Networks (VPRN)
Emulation of a multi-site wide area routed network using IP facilities CPE-based VPRN or network-based VPRN packet forwarding is carried out at the network layer a mesh of IP tunnels between ISP routers with VPN-specific routing/forwarding tables CPE ISP edge node IP Tunnel IP backbone network Stub Link

VPN Types (4): VPLS Virtual Private LAN Segment (VPLS) (1)
Emulation of LAN segment over IP using Internet facilities, with a Transparent LAN Service (TLS) A case of L2VPN service distinguished by the support of L2 broadcast Can be used to interconnect multiple stub CPE nodes, either bridges or routers, in a protocol transparent manner Essentially equivalent to a VPRN, except that each VPLS edge node implements link layer bridging rather than network layer forwarding CPE routers would peer transparently across a VPLS with each other without requiring any router peering with any nodes within the VPLS VPLS topology can be point-to-point point-to-multipoint (hub and spoke) any-to-any (full mesh) mixed (partial mesh) hierarchical

Virtual Private LAN Segment (VPLS) (2)
CPE ISP edge node IP Tunnel IP backbone network (Service Provider backbone) Stub Link Access Network VPLS A VPLS B VPLS B Logical Bridge

MPLS-based VPNs (1): BGP/MPLS IP VPNs
Multiple VRFs (VPN Routing and Forwarding tables) in PEs PE-CE attachment circuit is associated with exactly one VRF Carrier’s Carriers case a VPN provided by an SP which is offering VPN services to its customers CE routers should support MPLS PE routers should distribute , to the CE routers, labels for the routes they distribute to the CE routers Routers at the different sites should establish BGP connections among themselves for the purpose of exchanging external routes Multi-AS backbone two sites of a VPN are connected to different Autonomous Systems IBGP is used to distribute routing information within an AS EBGP re-distribute routing information among (labeled VPN-IPv4 routes) from AN to neighboring AS Multi-hop EBGP redistribution of labeled VPN-IPv4 routes between source and destination ASs. VRF-to-VRF connections at the AS border routers

MPLS-based VPNs (2): L3PPVPN (Provider Provisioned VPN) /MPLS
Provider Edge (PE) (in PE-based VPN) or Customer Edge (CE) (in CE-based VPN) determine how to route VPN traffic by looking at the IP and/or MPLS headers of the packets they receive from the customer’s edge devices MPLS LSP is used as the tunnel among PE-PE (in PE-based VPN), or CE-CE (in CE-based VPN) CE device PE Tunnel (MPLS LSP) VPN tunnel SP Network A SP Network B SP Network C dual homing Backdoor link

MPLS-based VPNs (3): L2PPVPN (Provider Provisioned VPN) /MPLS
Provides pseudo wire or emulated LAN service on provider network Virtual Private Wire Service (VPWS): each CE device is presented with a set of Point-to-Point virtual circuit Virtual Private LAN Service (VPLS): each CE device has one or more LAN interfaces that lead to a “virtual backbone” to make multipoint-to-multipoint VPN (LAN emulation service) CE 1 L2 VPN A PE device CE 4 CE 2 CE 3 L2 VPN B Access Network CE 5 Service Provider Backbone Logical Switching Instance (provides Pseudo wire or emulated LAN)

L2PPVPN Provisioning Models
Overlay Model Customer Site A (Hub) Site B Site C (Spoke) Site D Site E Service Provider Network PE CE Routing information is exchanged between customer and service provider routers Service provider routers exchange customer routes through the core network Peer-to-peer Model

Traffic Engineerings based on DiffServ-aware-(G)MPLS Network

NGI with IP, MPLS and WDM Optical Network
GMPLS OXC-LSR GMPLS/DWDM-OXC layer Network MPLS, MSPP Layer network IP Router IP Layer network Multimedia/ Video Archives GbE SW LSP Storage Access Network (SAN) VPN TDM SONET/SDH (Circuit Switched Service) In the next generation, 4 major service categories will require big bandwidth pipes with guaranteed QoS: usual IP traffic, high-speed digital leased lines with TDM/SONET, Storage Access Network for Video on demand (VOD) service, and the Virtual private network (VPN) to interconnect Gigabit Ethernets among multiple site of a company. In order to provide the broad bandwidth, the core transport network will be implemented with WDM optical transport network. In order to guarantee the required bandwidth and Quality of service, an efficient traffic engineering mechanism is required; and MPLS (Multiprotocol Label Switching) has been recommended as the promising technology. MPLS, MSPP/MSPP

Objectives of Traffic Engineering in NGI (1)
Guaranteed Bandwidth & QoS Bandwidth: Committed Data rate (CDR)/ Committed Burst Size (CBS), Excess Burst Size (EBS) Peak Date Rate (PDR)/ Peak Burst Size (PBS) End-to-end Packet Transfer Delay: Propagation delay + Queuing delay Limited Jitter (delay variation) Limited End-to-end Packet loss Differentiated Service provisioning with Different priority/weight Premium service, controlled service Best effort service Hierarchical traffic engineering with TE-Tunnels (LSPs) for extremely broadband networking with WDM optical lambda/fiber switching Maximized utilization of available bandwidth & resources

Objectives of Traffic Engineering in NGI (2)
Two major objectives may be conflicting Guaranteed Bandwidth & QoS Maximized resource utilization in order to guarantee strictly bandwidth and QoS, strict bandwidth & resource reservation is required if bandwidth & resource are strictly reserved and not used, underutilization problem occurs => general phenomenon in current telephone network Solution to get both objectives ? controlled bandwidth borrowing among service class-types within a TE-LSP controlled redistribution of extra-available bandwidth among TE-LSP

MPLS (Multi-Protocol Label Switching)
source (IP address A) destination (IP address B) Ingress Node Egress Node IP datagram MPLS Domain Network LER 11 LER 12 LER 21 LSR 10 LSR 20 LSR 30 LSR 40 LER 31 LER 41 LER 42 IP header (destAddr=B, srcAddr=A) IP payload label i i label j j label k k label m m

MPLS Label ••• Label Exp S TTL 20 3 1 8 Shim Header
Label: Label Value, 20 bits (0-16 reserved) Exp.: Experimental, 3 bits (was Class of Service) S: Bottom of Stack, 1 bit (1 = last entry in label stack) TTL: Time to Live, 8 bits Layer 2 Header (eg. ATM VC/VP, PPP, 802.3 MAC) ••• MPLS ‘Shim’ Headers (Label Stacking) Label Exp S TTL 20 3 1 8 32-bit (4-bytes) IP Header IP Payload label stack n (s=1) label stack 1 (s=0) Shim Header

Traffic grouping with Label Stacking
LSP 121 LSP 111 LSP level (k-1) Packet Flow P1 P2 LSP 120 LSP 110 LSP 100 level (k) level (k+1) R1 R2 Rn-1 Rn ingress (push a label) swapping Ri       egress (pop a label) Ri+1

GMPLS-based Optical Transport Networking
GMPLS-Signaling + OAM/LMP NIC IP TCP/UDP Application Host A LSP PSC-LSR (Optional Core) O-NIC (WDM) MPLS IP Router (Edge) GMPLS-Signaling for optical network Internet control & management protocols (RIP, OSPF, BGP, DVMRP, MOSPF) Traffic engineering with fault management & performance management for Internet Transit Network fiber bundle OXC-LSR (Core) OXC SDH/ SONET MainFrame GbE SW Metro-GbE Net PSTN HDN MSPP GFP-F GFP-T LCAS GMPLS Signaling

QoS-guaranteed Service Provisioning in NGN
QoS-guaranteed VPN/VPLS Service QoS-guaranteed Broadband Multimedia Service QoS-guaranteed Broadband Content Distribution Network / Storage Access Network Edge Node (DiffServ-aware MPLS LER) MPLS LSR OXC/ OADM GMPLS Core Network GMPLS/Broadband Transport Network (All Optical, O-O-O) (DiffServ-aware-GMPLS) PE (VPLS-aware Customer Premises Network A (IP Router) CE Network B TGW AGW Narrowband Multimedia/ PSTN Multimedia/ Cellular/ Mobile Multimedia / Cellular/ Broadband Content Distribution Network (CDN/SAN)

Control Plane and Management Plane of QoS-guaranteed NGN/(G)MPLS
Autonomous System (AS) 1 EN System (AS) 3 System (AS) 2 NNI QoS-guaranteed NGN Backbone Network DiffServ-aware-GMPLS/OXC 광전달망 End-to-End QoS NGN Backbone Network Performance/QoS CE UNI Customer Premises Network (CPN) A Network (CPN) B Access Network QoS Control Plane End-user application platform Admission control & Connection Control agent QoS/call Request QoS Request (GMPLS Signaling) QoS Request & Resource Allocation Notification Resource Allocation (GMPLS Signaling) Management Plane Manager & GMPLS OAM/NMS Inter-AS QoS Negotiation BGP-TE QoS Negotiation/ Wireless Access Network Wireless/ Mobile PSTN, SAN/CDN Broadband

MPLS Traffic Engineering
Fast packet switching Fast packet switching by using fixed short label, instead of long address matching in IP packet routing based on existing fast data link layer switching technologies (e.g. ATM, FR) Traffic engineering with Connection-oriented LSP (Label Switched Path) more predictable network control and management Constraint-based Routing; Constraint-based Shortest Path First (CSPF) Forwarding Equivalent Class (FEC) source/destination IP address range : min, max source/destination port range : min, max Type of Service (ToS)

Service Level Agreement (SLA)
A contract between a service provider and a customer Specifies, usually in measurable terms, what QoS the service provider will provide Traffic Parameters: Committed Data Rate (CDR)/CBS+EBS QoS Parameters: Delay, Jitter, Packet Loss Rate Service Availability: Mean Time Between Failures (MTBF)/Mean Time to Restoration of Service (MTRS)

Constraint-based Routing in MPLS
Traffic parameters of the constraint-based routing for LSP bandwidth of LSP : peak data rate, committed data rate Modification of Link State Database for constraint-based routing traffic parameter available bandwidth at each link : number of lambda channels, bandwidth of each lambda channels Additional QoS parameter propagation delay Combined cost metric Modification of OSPF shortest path routing constraint-based routing with traffic parameters: bandwidth, QoS, resource class, class of failure protection SRLG (Shared Risk Link Group) The constraint-based routing in MPLS determines the route that can provide the required traffic parameter and the QoS parameter. As I explained in the previous slide, the traffic parameters define the bandwidth of LSP with peak data rate and committed data rate. In order to support the constraint-based routing, the Link State Database of the current IP router should be modified to handle traffic parameters and additional QoS parameters. It must modified to use the combined cost metric from the various parameters and the user’s requirement. The routing algorithm, such as OSPF should also modified to include the new parameters and the new concept, such as shared risk link group.

Example of Constraint-based Routing
Seattle 1 1144 20M 828000 10M Rapid city 820 5M Minneapolis Boston 611 10M 5 657 10M 8 20 409 10M Detroit 834 10M Salt Lake City Chicago 389 50M 15 640 5M 211 5M 19 San Francisco 745 10M 4 920 50M 286 10M 521000 50M 14 New York 297 10M 2 Denver 534 10M 237 5M 6 861000 50M St. Louis 18 688 10M 845 10M 380 5M Washington D.C. 13 816 10M 285000 10M 780 100M 632 10M 3 381 10M 394 5M Los Angels Memphis 12 7 1067 50M Dallas 17 Atlanta 454 100M This slide shows an example of constraint-based routing. Lets assume a 7-Mbps packet flow is required from Seattle to Miami. If we find the physically shortest path, the orange path on this slide will be found. But, unfortunately, this path can not support the required traffic flow, because one of the link can provide only 5 Mbps bandwidth. So, according to the constrain-based routing, this physically shortest path is not selected. Phoenix 9 393000 10M 473 10M 246 5M 661 10M 352 10M 10 11 Physically shortest path. But can not provide the requested 7 Mbps bandwidth !! 861000 10M Houston New Orleans 16 Miami

Example of SRLG-disjoint Backup Path Routing
1 2 3 6 8 9 7 10 13 14 15 20 19 18 17 11 16 12 4 820 5M 1144 20M 828000 10M Seattle San Francisco Salt Lake City Los Angels Denver Phoenix Houston Dallas Minneapolis Chicago St. Louis Memphis New Orleans Atlanta Miami Washington D.C. Detroit New York Boston 745 380 688 381 816 1067 50M 920 861000 780 100M 521000 409 297 286 845 285000 454 246 352 393000 394 473 661 632 534 640 834 10M 211 5M 237 5M 5 Rapid city 611 657 389 Constraint-routed shortest path that can provide 7 Mbps bandwidth !! Shared Risk Link Group (SRLG) – disjoint backup path with In order to produce the shortest path that can support the required constraints, we produce a pruned link state database where the links which cannot provide the required QoS or traffic specification are removed from the topology. Based on this pruned (or truncated) link state database, we can use the same shortest path finding algorithm, such as Dijkstra’s algorithm to find the shortest path. The next step is to fined the next shortest path for backup traffic trunk which are not using the same physical links of the working path. By removing or increasing the cost metric of the links of the working path, we can use the same algorithm. The dotted path shows the SRLG-disjointed backup path.

Factors on End-to-End Transfer delay, Jitter
Queuing delay in M/D/1 queue Mean time in Queue Packet loss and buffer size calculated by heavy traffic approximation:  : link utilization

Bandwidth Borrowing among LSPs within an TE-LSP
LSP j (weight = y) LSP k (weight = z) Excess available bandwidth TE-LSP Borrowing/re-allocation of available/unused bandwidth LSP i (weight = x) needs more bandwidth under utilization

Re-distribution of Extra Available Bandwidth among Tunnel (TE)-LSP
PHY LINK LSPi (wi) LSPj (wj) LSPi1(wi1) extraAvailableBW LSPi2(wi2) LSPj1(wj1) LSPj2(wj2) Available Excess Bandwidth User LSP Inner Tunnel LSP Outer Tunnel LSP (b) Hierarchical/Recursive Redistribution of Available Bandwidth (a) Controlled Bandwidth Redistribution/Borrowing

Differentiated Service (DiffServ)
 DiffServ Packet Processing Model NCT (Network Control Traffic) Packet Transmission with Link Speed X (LSP : PDR/PBS, CDR/CBS+EBS) Packet Scheduling Expedited Forwarding (EF) Assured Forwarding (AF) Best Effort Forwarding (BEF) Traffic Shaping Discarding (algorithmic dropping) Packet Classifier Smoothing (averaging) Buffer depth IP Packet flow input Metering, Action, Algorithmic Dropping

Example of DiffServ Class-type and Performance Objectives
Delay Jitter packet Loss Ratio Bandwidth definition DSCP NCT1/ NCT0 Minimized error, high priority RIP, OSPF, BGP-4 100 msec U 10-3 Peak rate / EF Jitter sensitive, real-time high interaction VoIP 50 AF4 Video conference 400 Committed rate AF3 Transaction data, interactive Terminal session Custom app AF2 Transaction data Data base Web AF1 Low loss bulk data FTP 1 sec BE Best effort service (Note : a) U : undefined, b) Drop precedence of AF4~AF1 : 010, 100, 110)

Per Hop Behavior (PHB) Per-Hop Behavior (PHB)
The externally observable forwarding behavior applied at a DS-compliant node to a DS behavior aggregate The means by which a node allocates resources to behavior aggregates Defines hop-by-hop resource allocation mechanism Example of PHB Guarantee minimal bandwidth allocation ( x % of a link or tunnel) Guarantee minimal bandwidth allocation (x % of a link or tunnel) with proportional fair sharing of any excess link capacity Buffer allocation Priority relative to other PHBs PHBs are specified as a group (PHB group) for consistency PHBs are implemented in nodes by means of some buffer management and packet scheduling mechanisms

Metering & Marking Parameters for Metering & Marking Parameters Red
Yellow Green Single Rate Three Color Marker (SRTCM) CDR/CBS+EBS TE(t)-B < 0 TP(t)-B  0 and TE(t)-B  0 TC(t) –B  0 Two Rate Three Color Marker (TRTCM) PDR/PBS CIDR/CBS TP(t)-B < 0 TP(t)-B  0 and TC(t) –B < 0 (Note: B: arrived packet size, TE(t): token count of excess rate token bucket, TC(t): token count of committed rate token bucket, TP(t): token count of peak rate token bucket)

Integrated Traffic Engineering for DiffServ-aware-MPLS
Guaranteed Quality of Service (QoS) Provisioning Traffic parameters Peak Rate Average rate, Sustainable rate with burst tolerance Minimum rate Frame rate with max. frame size QoS Parameters End-to-end transfer Delay Delay variance (Jitter) tolerance Bit/Packet/Frame error rate Maximized bandwidth & resource utilization Bandwidth over-booking Bandwidth sharing, borrowing

Per Class-Type Queuing (1): RED (Random Early Detection) Queue
Probabilistic packet drop Buffer level TH min TH max Discard Discard with increasing probability Pa Do not discard Drop Probability Average Queue Length THmin THmax 1 Pmax Pmin The globally synchronized traffic fluctuation can be solved by using the Random Early Detection queue which drops the packet probabilistically according the buffer level. In this case, only one TCP session is asked to reduce the traffic at a time. So, the network traffic flow can be maintained at a stable level.

Per Class-Type Queuing (2): WRED (Weighted Random Early Detection) Queue
Drop Probability Average Queue Length THmax(0…7) THmin(0) THmin(7) 1 Pmax (0..7) (a) Default WRED Drop Probability Configuration Pmax(0) Pmax(7) Average Queue Length (b) WRED case 1 THmax(7) THmax(0) (c) WRED case 2 (Note: THmin(i) = (1/2 + i/8)*THmax

DiffServ Packet Scheduler
Hierarchical Packet Scheduler Priority Scheduler Rate-based scheduler (WRR or WFQ) NCT1 NCT0 EF AF4 AF3 AF2 AF1 BF priority Min rate shaping rate (PDR/PBS, CDR/CBS+EBS) Traffic Shaper The packet scheduler determines which packet will be transferred at next available time slot. We can use priority-based or weighted-based scheduler. In the priority-based scheduling, the higher priority queue is served first without consideration of the status of the lower priority queues. In the weight-based scheduling, the available bandwidth is allocated to each queue according to the weight. Also, the hierarchical packet scheduler with priority-scheduler and the weight-based scheduler can be used as shown in this slide.

DiffServ-aware-MPLS Traffic Engineering
IP Packet Stream Packet Classifier AF 4 Two Rate Three Color Marker (PIR/PBS, CIR/CBS+EBS) NCT1 Single Rate Three Color Marker (CIR/CBS+EBS) NCT0 EF Marker (CIR/CBS+EBS) AF 3 AF 2 Marker (PIR/PBS, CIR/CBS+EBS) AF 1 BF drop ? Rate-based packet scheduler Priority-based packet scheduler CR-LSP (Traffic Parameters : Peak Data Rate(PDR) Peak Burst Size (PBS) Committed Data Rate (CDR) Committed Burst Size (CBS) Excess Burst Size (EBS) Weight Resource Class / Color =“gold”) Multi-field Packet Classification Per-Class-type Metering/Marking Packet Dropping (algorithmic drop according to averaged buffer depth) packet scheduling traffic shaping user B (Traffic Parameters, Resource class = “silver”) = “bronze”) User C AF1, 2, 3, 4 EF (or AF1) NCT 0/1 BE (default) TE-LSP Maximum Capacity/ Aggregate BW Allocated BW Un-reserved BW Policy-based MPLS Traffic Trunk (TE-LSP) Management, Load Balancing rt/nrt-VBR traffic CBR realtime traffic VPN control message User(UserGroup) A

Traffic Policing and Traffic Shaping
Classify Measure Configured rate No match Incoming packets Queuing method Outgoing packets WFQ/FIFO Packet Scheduler Metering/Marking Token bucket Aggregated committed rate Per-class

Management Framework of MPLS Network

DiffServ-aware-MPLS Traffic Engineering for QoS-guaranteed Service Provisioning
Collection & Analysis of Performance Measurement results DiffServ-aware-G/MPLS Router parameter setting (Bandwidth allocation, Queuing, packet scheduling) Network Planning & Provisioning (Re-) configuration of logical topology, Network load balancing GMPLS/OXC TE-LSP (traffic trunk) Real-time per-flow optimization Mid-term Long-term End-to-end QoS & performance measurement Node & Link, DiffServ-aware-ELSP QoS performance monitoring QoS-guaranteed GMPLS/OXC Backbone Network Service Level Agreement (SLA) - QoS parameter - Traffic Parameter (QoS/SLA Standards) QoS-guaranteed Realtime Multimedia Service Request/ Subscription O-NNI Access Net QoS O-UNI CE Customer Premises Network (CPN) A Intra -net Network (CPN) B DiffServ-aware- GMPLS/OXC Network (AS 1) (AS 2) PE

ITU-T I.371 Traffic Management Framework
UPC: Usage Parameter Control CAC: Connection Admission Control PC: Priority Control NPC: Network Parameter Control RM: Resource Management Others: Spacing, Framing, Shaping, etc Inter-Network (NNI) NPC - CAC - RM - PC - Others Network B User-Network Interface (UNI) Optional Traffic Shaping UPC Network A CPN

Network Performance related Standards (1)
I.356 ATM Bearer Service QoS Standard CTD 2-pt.CDV CLR0+1 CLR0 CER Class 1 (stringent class) 400msec 3msec none default Class 2 (tolerant class) U Class 3 Class 4 6msec U Class

Network Performance related Standards (2)
ITU-T Y.1540/1541 IP QoS Standards Network Performance Parameter QoS Class Service Class Class 0 Class 1 Class 2 Class 3 Class 4 Class 5 un-specified Packet Transfer Delay 100ms 400ms 1s U Packet Delay Variance 50ms Packet Loss Rate 1×10-3 1 × 10-3 Packet Error Rate 1 × 10-4

Network Management System(NMS) for NGN
OXC/ OADM GMPLS Core Network Provider Network (NG-SDH/SONET Network) NG-SDH/SONET (GFP, Virtual Concatenation) CPN B (SONET/SDH, Highspeed Leased Line, GbE) CPN A SDH DiffServ-aware MPLS LER CPN A (IP Router) CE PE (VPLS-aware MPLS LER) VPN A (GbE) CPN B VPN B (GFP-T) SAN A (Fiber Channel, ESCON, FICON, DVI) Video/Multimedia Database Archive SML NML EML Performance management EML-PM SML-PM NML-PM NML-Monitoring NML-Analysis & Control NML-Tuning Fault management NML-FM NML-FC NML-AM NML-TDS EML-FM EML-FC EML-AM EML-TDS SML-FM Connection management EML-CP NML-CP LNC CC CSM SSM Configuration management SML-ConfM LNTC NML-TC EML-TC Management Interface: CLI, CORBA, XML, SNMP, TMN/CMIP

QoS-guaranteed NGN Networking Model
Edge Node (DiffServ-aware MPLS LER) MPLS LSR OXC/ OADM GMPLS Core Network GMPLS/광전달망(All Optical, O-O-O) (DiffServ-aware-GMPLS) Provider Edge (VPLS-aware Customer Premises Network A (IP Router) CE Network B TGW AGW Narrowband Multimedia/ PSTN Multimedia/ Cellular/ Mobile Multimedia / Cellular/ 광대역 멀티미디어 분배망 서비스 (CDN/SAN) QoS-guaranteed IP networking System (CPN) (ISP) SNMP/CLI SNMP/ CLI IIOP/ CORBA AS 1 AS 2

DiffServ-aware MPLS Network
Distributed Traffic & Network Management System for multiple Autonomous Systems (AS) DiffServ-aware MPLS Network DiffServ -aware MPLS LER CPN A B Transit LSR Autonomous System 1 Autonomous System 2 Autonomous System 2 Constraint-based Shortest Path First (CSPF) Routing EMS NMS

Interactions among MPLS Management Modules
IIOP Configuration Mgmt Connection Performance Fault EMS NMS Customer Premise Network CPN(Intranet) Generic Adapter Service Object SNMP interface RMA CLI NE interface DNS MPLS Transit Network (AS 1) Socket TELNET MPLS Transit (AS 2) Generic Adapter

Management Interfaces (EMS-Agent, EMS-NMS)
Command Line Interface (CLI) proprietary CLI definition by each vendor most detailed operations and management information CORBA(Common Object Request Broker Architecture)/OMG distributed object computing infrastructure Manager-to-manager connection XML (eXtensible Markup Language) XML-RPC SOAP SNMP (Simple Network Management Protocol) SNMP MIBs for MPLS-based VPN/VPLS Delayed update compared with data access by CLI (Command Line Interface)

Standards of MPLS Network Managements (1)
1) MPLS Management Overview: - Related document: Multiprotocol Label Switching (MPLS) Management Overview, draft-ietf-mpls-mgmt-overview-08.txt, August 2003. - Overview of MPLS Network Management and Related MIB - MPLS MIB의 OID (Object Identifier) tree structure:

2) TC-MIB - Related document: Definitions of Textual Conventions for Multiprotocol Label Switching (MPLS) Management, draft-ietf-mpls-tc-mib-05.txt, Nov - Describes textual conventions for use in definitions of management information for MPLS networks 3) LSR-MIB - Related document : Multiprotocol Label Switching (MPLS) Label Switching Router (LSR) Management Information Bases, draft-ietf-mpls-lsr-mib-09.txt, Oct - Describes MOs for modeling MPLS LSR (Label Switch Router) LSR - interface configuration table (mplsInterfaceConfTable) - in-segment (mplsInSegmentTable), out-segment (mplsOutSegmentTable) tables - cross-connect table (mplsXCTable) - label stack table (mplsLabelStackTable) - traffic parameter table (mplsTrafficParamTable): index, MaxRate, MinRate, MaxBurstSize

4) TE-MIB - Related document : Multiprotocol Label Switching (MPLS) Traffic Engineering Management Information Base, draft-ietf-mpls-te-mib-09.txt, Nov - ping (ICMP echo request) based hop-by-hop fault localization and path tracing - in ping mode (basic connectivity check), ping packet is sent through user packet delivery LSP, the egress LSR delivers the ping packet to control plane - in traceroute mode (fault isolation), ping packet is sent to the control plane of each transit LSR node, which performs various checks and returns further information that helps check the control plane against the data plane 5) LDP-MIB - Related document : Definitions of Managed Objects for the Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP), draft-ietf-mpls-ldp-mib-09.txt, Oct - Defines 4 MIBs for Label Distribution Protocol (LDP) establishment and monitoring : MPLS-LDP-MIB, MPLS-LDP-Generic-MIB, MPLS-LDP-ATM-MIB, MPLS-LDP-Frame-Relay-MIB

6) FTN-MIB - Related document : Multiprotocol Label Switching (MPLS) Forward Equivalency Class-to-Next Hop Label Forwarding Entry Management Information Base, draft-ietf-mpls-ftn-mib-05.txt, Oct - Defines MIBs of the mapping and related operations of MPLS FEC (Forwarding Equivalence Class) and NHLFE (Next Hop Label Forwarding Entry) 7) Bundle MIB - Related document : Link Bundling Management Information Bases, draft-ietf-mpls-bundle-mib-04.txt, Nov - Defines MIBs for grouping TE Links into a bundled link 8) VPN-MIB - Related document : MPLS/BGP Virtual Private Network Management Information Base using SMIv2, draft-ietf-ppvpn-mpls-vpn-mib-05.txt, Nov - Defines the MIB for MPLS/BGP VRF (VPN Routing and Forwarding) based VPN configuration

MPLS Network Configuration Management
MPLS Configuration Management Installation support support the installation of equipment and related software installation operations, sequencing and scheduling the operation to achieve maximum efficiency and minimum interference with ongoing operations Provisioning a set of procedures that bring already installed equipment into service NE configuration Initialization of Network Topology resource and activations Network resource reservation and locking/unlocking for service provisioning Status and control Status request & report of network resource Network resource maintenance Network Resource Auto-discovery (optional) dynamic resource discovery automatic configuration & topology mapping real-time map generation

MIBs for Configuration Managements
MPLS LSR MIB mplsInterfaceConfTable, PerfTable mplsInSegmentTable, PerfTable mplsOutSegmentTable mplsXCTable mplsLabelStackTable mplsTrafficParamTable MPLS TE MIB mplsTunnelTable, ResourceTable, HopTable, ARHopTable, CHopTable mplsTunnelPerfTable, CRLSPResTable MPLS TE-Link MIB teLinkTable, DescriptorTable,SrlgTable, BandwidthTable componentLinkTable, DescriptorTable,SrlgTable, BandwidthTable MPLS LDP MIB MPLS LDP Generic MIB MPLS LDP ATM MIB, FrameRelay MIB

Example of MPLS Network Configuration MOs (1)
Managed Objects Attributes Example Node Router Name 7204_G Router Version Cisco 7200 IOS version (Cisco Router) 12.2(8)T Routing Protocol OSPF, BGP MPLS Signaling protocol Total number of activated slots/ports 1 Fast Ethernet 4 Serial network interface 1 Packet_over_Sonet (POS) network interface Fast Ethernet Port address status Port Up, line protocol up QoS class map EF, AF1, AF2, AF3, AF4 QoS status Drop ratio 0 bps, packets marked Serial Port Status Operational-yes Class-default QoS queue Weighted fair queuing QoS bandwidth 620 [kbps] Serial port name Serial 1/1 (connected with xxx) Loopback address

Example of MPLS Network Configuration MOs (2)
Managed Objects Attributes Example PoS port (Packet over SONET) address Status Shutdown QoS class map Class-default QoS queue Weighted fair queue QoS bandwidth 55000[kbps] Serial port name Pos4/0 Loopback address Neighbors Neighbor equipment Router, bridge_switch Neighbor router name 3620_B Neighbor router serial port name / address Serial 0/0 (3620_B port) / Neighbor loopback address (TDP id) (3620_B의 loopback address)

MPLS Connection Managements
MPLS Tunnel LSP (TE-LSP) Connection Managements MPLS Tunnel LSP Establishments and Maintenance Constraint-based Shortest Path First (CSPF) routing for Constraint-based LSP Setup Request MPLS LER/LSR to set up LSP: Automatic routing mode or explicit routing mode Set up LSP traffic parameter and QoS parameter Update of Traffic parameter and QoS parameter of MPLS Tunnel LSP Modification of traffic parameter and QoS parameter of tunnel LSP Establishment of backup LSP for MPLS Fault Management SRLG-disjoint backup path routing Establishment of working LSP for backup LSP: explicit routing mode

Connection Management for DiffServ-over/aware-MPLS on Optical Internet
IIOP Configuration Mgmt Connection Performance Fault EMS NMS OXC LSR DiffServ- aware- LER fiber link optical path (lambda channels) traffic trunk (tunnel LSP) WDM Optical Domain Network MPLS Domain network

Example of MPLS LSP MOs (1)
Attribute Example LSP Tunnel name Tunnel_0104_1 Source address Destination address Next addresses (explicit route) , Traffic param - priority Setup priority 1 Holding priority 1 Traffic param – bandwidth 9 [kbps] Traffic param – MTU 1514 bytes Traffic param - delay 500,000 usec (default) – modifiable Affinity 0x0 ~ 0xFFFFFFFF Auto-bandwidth (optional) Freq, Min [kbps], Max [kbps]

Example of MPLS LSP MOs (2)
Attribute Example LSR and Port LSR ID (Transmitter) Link/Port ID Interface address Neighbor LSR ID (Receiver) Link type Fast Ethernet, Serial Port, POS Administration status Active Operational status Operational-yes Link State Total capacity Link total capacity in [Mbps] Available bandwidth Available bandwidth in [Mbps] Reserved bandwidth Allocated bandwidth in [Mbps] Propagation & processing delay Propagation delay according to the physical distance, and packet processing delay including MPLS packet switching, port buffering at LSR Jitter Jitter at LSR with MPLS packet switching Residual bit error rate Bit error rate at Physical link SRLG_ID Shared risk link group ID Physical backup type Protection functions provided at Physical Layer

Parameters for Constraint-based LSP Establishment
MO Attribute Example Traffic Parameter Bandwidth Peak data rate(PDR)/Peak Burst Size (PBS) Committed Data Rate(CDR)/Committed Burst Size (CBS), Excess Burst Size (EBS) QoS Parameter End-to-end delay Jitter bound Allowable jitter boundary Packet loss ratio Allowable packet loss ratio Service Category Service class Platinum, gold, silver, bronze Priority Setup priority, holding priority Weight Weight for Weighted Fair Scheduler Backup_type 1+1, 1:1, M:N, 1:N, on-demand SRLG SRLG-disjoint backup LSP

MPLS Network Performance Management
Performance monitoring of MPLS Tunnel LSP Measurement of Throughput at End-to-End LSP and Boundary of Autonomous System (AS) Measurement of delay, jitter at End-to-End LSP and Boundary of Autonomous System (AS) Measurement of packet loss at End-to-End LSP and Boundary of Autonomous System (AS) Performance analysis of MPLS Tunnel LSP Compare and analyze LSP’s SLA (service level agreement) performance parameters and the monitored results Determine any seriously deteriorated performance performance control & tuning of MPLS Tunnel LSP Update/Reallocation of operational Parameters (Bandwidth, Link Utilization) to maintain the performance of End-to-end LSP and LSP segments of Autonomous System (AS) : Adjustment of allocated bandwidth, Queue buffer size or scheduler parameter Rerouting of LSP route Overall Network Load Balancing MPLS VPN Performance Management Measurements of Aggregated Throughput, Packet Transfer Delay, Packet Loss Rate at MPLS VPN Interfaces (CE-PE, PE-PE) Measurements of Packet Mis-delivery Ratio among MPLS VPN

MPLS Network Fault Management (1)
Establishment of Backup LSP for MPLS working tunnel LSP SRLG disjoint back LSP routing and LSP setup Allocation of Backup LSP resource for 1+1, 1:1, M:N, 1:N mode Fault Detection and Notification Fault detection ad notification at Physical Layer Link, port or Node Fault detection ad notification by MPLS signaling and packet forwarding module Notification of Seriously deteriorated MPLS LSP Performance Analysis and Localization of Faults Fault correlation and localization Find Root Cause of the Faults Find the location of root cause Determine the Affected tunnel LSP and VPN Fault Recovery Fault Recovery by Protection switching or restoration Protection Switching of User Traffic using Backup LSP Establish a new back LSP Redefine the function and the route of working LSP and backup LSP at Fault restoration

MPLS Fault Management (2)
Differentiated Backup Path Reservations (Example) Backup Path Utilization Reservation with NO Traffic Reservation with Lower Priority Traffic of possible preemption Fault Restoration Use Span(segment) Protection Restoration is based on the Subnetwork(Segment) MPLS Service Class Bandwidth Reservation Setup Priority Preemption Priority Application Platinum 100%, 1+1 Highest High Priority VPN Gold 100%, 1:1 Higher VPN Silver 100%, M:N Normal Premium service Bronze 100%, 1:N Lower Controlled traffic Best effort Lowest Best Effort 3. Fault Restoration with Backup LSP One of the classification of the restoration schemes is based on the number of working path to backup path. Currently these restoration scheme only distinguish the class of service. For example, the 1+1 restoration is used when the class of service requires highest setup/preemption priority. If the class of service requires normal priority, 1:1 scheme may be used. These schemes restore the whole traffic of each class of service. 3.1 Backup LSP Setup The proposed backup LSP setup scheme does not restore whole traffic for each class. The restoration ratio of each class are differentiated. We assume that the GMPLS-based optical Internet is a DiffServ-aware-GMPLS. If the MPLS service class is platinum(the highest service class), the whole traffics are protected by 1+1 protection mechanism. In the case of Gold class, 100 percents of the total traffic are protected by 1:1 protection mechanism. In the Silver class, 80 percents of the total traffic are protected by 1:1 protection mechanism. In the Bronze class, 50 percents of the total traffic are protected by 1:1 protection mechanism. If the service class is Best Effort, the restoration is performed not by a pre-established protection switching but by a dynamic rerouting. The selection of the protected micro traffic of each MPLS service class is based on the service class of the DiffServ. For instance its faults occur in the Silver class type LSP, only the NCT(Network Control Traffic), EF(Expedited Forwarding), AF(Assured Forwarding) DiffServ class traffic can be protected. We consider two case of bandwidth reservation of backup LSP. One is that only bandwidth is reserved and no other traffic flow is admitted until protection is performed in 1+1 protection. The other is that the bandwidth for protection is reserved in 1:1 protection, but best effort traffic flows with lower preemption priority use the bandwidth until the failure occurrence. Once a failure occurs, the best effort traffics using that bandwidth are released and the protected higher-priority traffics preemptively use the reserved bandwidth. 3.2 Fault Restoration Scheme The proposed fault restoration scheme is not a path protection but a kind of span protection. Fault restoration is performed by the unit of subnetwork(segment). The network is divided into some subnetworks. In the case of fault occurrence in a subnet, the restoration path from the ingress node of the subnetwork to its egress node that is connected to next subnetwork is selected. If the egress / ingress node of the subnetwork is in failure, a new restoration path is selected that starts from the next upstream node of ingress node and ends at the next down stream node of the egress node. If the link between the egress and ingress nodes is in failure, a new link is selected that spans from the egress node of one subnetwork to the ingress node of another subnetwork.

Example of Seriously Deteriorated Performance
Traffic / QoS parameter Threshold of severe degradation Remarks Available bandwidth Less than 80% of CDR (committed data rate) End-to-end delay More than 120% of agreed end-to-end delay limit Jitter More than 200% of agreed jitter limit Packet loss More than 10% of transmitted data

Fault Detection Functions of LSR Node
Module Fault Type Fault Detection (Example) MPLS Switching Module Faults in Switching Elements Faults in packet/ label processing MPLS signaling module (CR-LDP, RSVP)의 hello message Packet mis-delivery Port/Link Loss of Light Fiber cut Lambda channel fault Network Interface Card (NIC) fault monitoring Node failure Power degradation Switching capability loss Malfunctioning components Excessive temperature MPLS signaling module hello message Degraded packet throughput, increased packet loss rate

MPLS Fault Recovery Objectives (Example)
Function Fault Recovery Parameter Target Values Fault Detection Fault Detection at Physical Layer Fault Detection at LSP Fault Detection at LSR Physical Layer: 50 ns MPLS LSP: 150 ms MPLS LSR: 3 sec Fault Notification Fault notification to ingress LER / egress LER 50 ms Protection Switching to Backup LSP Protection Switching of user traffic from faulty working LSP to Backup LSP Total Fault Restoration Time Total allowable time from fault occurrence to complete fault restoration 250 ms

Standards related to MPLS Fault Management
IETF Draft MPLS-based fast reroute IETF Draft MPLS recovery framework IETF Draft MPLS RSVP-LSP Fast reroute MPLS OAM Requirements RFC 2925, Remote Ping, Trace Route, Lookup RFC 3479, Fault Tolerance for the LSP

MPLS OAM for the Management of MPLS-based VPNs

MPLS OAM OAM (Operation, Administration, Maintenance)
Layer Management Protocol for Network Layer, Data Link Layer, Physical Layer: e.g. ATM VP/VC Layer OAM, Physical Layer OAM, SONET OAM Fault OAM for fault monitoring, fault notification alarm indication signal remote defect indication (RDI) continuity check (CC) loopback test Performance OAM for performance monitoring, performance analysis Forward monitoring Backward monitoring Configuration OAM for administrative configuration of links, operational status monitoring link configuration and status management neighbor discovery e.g Layer Management Protocol (LMP) of WDM Optical Link

Related Works on MPLS OAM
Current Standardization Status of MPLS OAM General framework Major considerations No detailed implementation methods IETF Internet Draft, “A Framework for MPLS User Plane OAM,” David Allen (ed.), February 2003. Implications for fault management: connectivity verification, etc. Implications for performance management: line quality monitoring, etc. IETF Internet Draft, “OAM Requirements for MPLS Networks,” Thomas Nadeau et. al., February 2003. service level agreement (SLA) measurement: availability, latency, packet loss, jitter alarm suppression and layer coordination support for OAM interworking for fault notification error detection and recovery IETF Internet Draft, “Detecting Data Plane Liveness in RSVP-TE”, Oct LSP Ping

Requirements of MPLS OAM Functions
Basic Requirements of MPLS OAM functions Fault management OAM should be able to provide fault detection, on-demand verification, fault localization, notification of LSP failure information Performance management OAM should be able to provide performance monitoring to check the provisioning of traffic throughput & QoS (end-to-end delay, jitter, packet loss rate) that is defined in service level agreement Interactions of MPLS signaling and User-plane OAM User plane OAM: based on in-band OAM packets to monitor real status of user plane connections MPLS signaling: out-of-band signaling, separated connections from the user plane connections

Design of MPLS Performance Management OAM Functions
Performance Monitoring OAM of User Plane Data Path Throughput total delivered data size / unit time interval Delay d(n) = Tarrival(n) – Tdeparture(n) Jitter (variance of transfer delay) j(n) = |d(n) – d(n-1)| Packet loss rate (total transmitted packets – total delivered packets) / total transmitted packets Severely degraded performance e.g. excessive delay at realtime interactive communication, excessive packet loss, excessive jitter should be handled in the same manner of fault

Proposed Format of Performance Monitoring OAM Packet
OAM Type OAM Function PDU Length Ingress LSR Identifier Egress LSR Identifier LSP Identifier Sequence Number Time Stamp Number of Total Transmitted Packets Total Transmitted Data Size [Byte] Optional Information 1 2 3 4 5 6 7 8 9 (LSR: Label Switched Router; LSP: Label Switched Path)

Design of MPLS Fault Management OAM Functions
Fault Detection by fault management OAM packet: continuity check by lower protocol layer: e.g. loss of light (LOL), loss of signal (LOS) Fault Notification by MPLS OAM packet Forward Defect Indication (FDI) Backward Defect Indication (BDI) Egress LER(Label Edge Router) -to-Ingress LER notification Fault Notification by MPLS Signaling RSVP-TE notify message CR-LDP notification message Fault notification by intermediate LSR that detected link fault by network interface card (NIC); Note) in Wavelength Division Multiplexing (WDM) network, it is very hard to insert OAM packets by intermediate node

Scenario of Fault Notification by MPLS signaling
PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LER 110 (ingress node) PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LSR 120 PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LSR 121 link failure notification TE agent controls the rerouting link failure detection PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LSR 220 PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LSR 221 PHY TCP/UDP CR-LDP MPLS IP OSPF-TE/ BGP TE Agent LER 211 (egress node) working LSP backup LSP

Loopback Test OAM timeout (a) Node-by-node sequential loop-back test
LSR120 LSR140 LER 110 150 LSR130 timeout (a) Node-by-node sequential loop-back test (b) Roll-call loop-back test

Proposed Format of Loopback Test OAM Packet
OAM Type OAM Function PDU Length Loop-back start LSR Identifier Loop-back end LSR Identifier LSP Identifier Loop-back operation mode (sequential or roll-call) Optional data 1 2 3 4 5 6 7 8 9 Note) Loopback test operation mode: 0: node-by-node sequential loop-back test 1: roll-call loopback test mode

Implementations and Experiments
Network Simulation Environment: NIST (National Institute of Standard and Technology) GMPLS Simulator (GLASS: Gmpls Lightpath Agile Switching Simulator): Networking Simulator for Generalized Multi-Protocol Label Switching (GMPLS) DiffServ-over-MPLS MPLS Networking WDM Optical Switching General Internet Applications over TCP/UDP, IP Included MPLS OAM functions to monitor, analysis network operational status

Network Simulation for DiffServ-over-MPLS
 Network Configuration Server Client LSR120 LSR 121 LSR 220 LSR 221 LER 211 100 110 101 (EF, 1 Mbps) 111 210 200 201 (AF, 4Mbps) 150 151 212 202 213 203 (AF, 4 Mbps) 103 (AF, 2 Mbps) 105 (BF, 3 mbps) 102 104 152 154 151 (EF, 1 Mbps) 153 (AF, 2 Mbps) 155 (BF, 3 Mbps) 6.6Mbps 13.2Mbps 17.6 Mbps (Priority Sched) (WFQ Sched) Note : the transit link between LSR 220 and LSR 221 has been designed to be bottleneck !!

Traffic Generation Src - Dest Traffic type Traffic Parameters
(LSP) [kbps] Priority/Weight (DiffServ) Packet Scheduling Traffic Generation duration [simulation time in sec] 100 – 101 EF PDR = 1,500 CDR = 1,000 P=5 Priority 50 ~ 500 102 – 103 AF PDR = 3,000 CDR = 2,000 P=3 104 – 105 BE PDR = 4,500 CDR = 3,000 P=1 W=1 WFQ 100 ~ 450 152 – 153 W=2 154 – 155 W=3 200 – 201 PDR = 6,000 CDR = 4,000 W=4 100 ~ 400 200 ~ 350 (EF: Expedited Forwarding, AF: Assured Forwarding, BE: Best Effort Forwarding)

Bandwidth Monitoring of DiffServ Traffic
(a) Priority Scheduling (b) WFQ scheduling

End-to-end delay, Jitter
(a) E-to-E Delay, Priority Scheduling (b) E-to-E Delay, WFQ scheduling (a) Jitter, Priority Scheduling (b) Jitter, WFQ scheduling

Notifications on Severe Performance Degradation

Link Failure Detection and Notification
Simulation scenario Failure detection by NIC, Continuity check OAM LSR120 LSR140 LER 110 150 LSR130 Physical link error at 250 sec (a) Failure Detection by NIC (b) Failure Detection by Continuity Check

Loop-back Test Link Error at 250sec 10ms 15ms 5ms

MPLS-VPN Performance Management
SPN’s MPLS Backbone CE PE Penultimate Hop LSR Tunneled LSP VLAN/Ethernet VC(Virtual Circuit) LSP LSR Intranet Management (EMS/NMS) SPN(Backbone) TE Agent

MPLS-VPN PM Examples (a) Throughput (b) Delay (c) Jitter
Customer A Customer B Customer C (a) Throughput (b) Delay (c) Jitter (d) Packet Loss Ratio

Test Network Configuration for Controlled Bandwidth Borrowing
LSP between A and B (4 Mbps) LSP between A and D (4 Mbps) LSR-LSR : 20Mbps Host-LSR : 5 Mbps LER A LER B LER C LER D LSP between C and B (4 Mbps) LSR-LSR : 10 Mbps LSP between C and D (2 Mbps) LSP 1 LSP 3 LSP 7 LSP 5 LSR X LSR Y 10M 20M Bottleneck link

Dynamic Bandwidth Re-distribution
Scenario Trigger bandwidth redistribution after 170sec Trigger bandwidth rollback at 400sec Bandwidth is not allocated to LSP 1,5 because of bottleneck link However, LSP 3,7 are allowed to get extra-bandwidth. (a) Throughput of LSP1, 3 (a) Throughput of LSP5,7

Commercial MPLS-VPN Management Systems: Cisco VPN Solution, SheerBOS, Wandl’s IP/MPLSview

Cisco VPN Solution (1) Cisco VPN Solution Center Architecture API and Life-cycle Management

Cisco VPN Solution Center (2)
Cisco VPN Solution Center 2.2: MPLS Solution (1) provides management of IP VPN services throughout the service life cycle including service provisioning and activation on customer-edge and provider-edge routers, service auditing and service-level agreement (SLA) provides external operations support systems (OSSs) access to the full capabilities of the Cisco VPN Solution Center using well-defined CORBA APIs Operators and upstream systems can add, delete, or modify customer MPLS VPNs and define associated VPN service topology (hub-and-spoke, full-mesh and extranet) Major functions: Fault – Cisco Info Center Configuration – Cisco Provisioning Center Performance – Concord Network Health Monitor

Cisco VPN Solution Center 2.2: MPLS Solution (2)

Key features of Cisco VPN Solution Center Realtime provisioning flexibly service activation high-performance service auditing service quality assurance SLA monitoring and reporting QoS provisioning and measurement for service differentiation Templates for streamlined provisioning Application integration and flow-through provisioning OSS interface – CORBA APIs, TIBCO event bus, Java and XML fault management performance and other extended management functionality

SheerTMBOS (1) SheerTM Broadband Operating Supervisor (SheerTMBOS)

SheerTMBOS (2) SheerTMBOS Solutions for Network Services DSL over ATM
ATM over Optical IP IP over ATM IP Services over Optical L2TP and MPLS VPN over Optical core over ATM L2TP and MPLS IPVPN VLAN VLAN and MPLS/L2TP/IP

SheerTMBOS (3) SheerTMBOS Supported NEs Manufacturer
Network Element (NE) Alcatel 36170(Newbridge) ATM Switch, ASAM DSLAM, MiniRam DSLAM Cisco 6400 SSG, UBR 7200 CMTS, 7x00 Router, GSR 1200 Router, Catalyst, Tdsoft Hunt8200 Router, BPX ATM Switch, 6100 DSLAM, 6160 DSLAM Copper Mountain CE150 DSLAM, CE200 DSLAM ECL HiFocus DSLAM Lucent CBX500 ATM Switch, GX550 ATM Switch Marconi 200 ATM Switch, 1000/4000 ATM Switch Motorola 2000 CMTS Nortel Shasta SSG, IMAS DSLAM, Passport ATM Switch Nokia D50 DSLAM Redback SMS 500 SSG, SMS 1800 SSG Siemens Unisphere SSG

SheerTMBOS (4) SheerTMBOS Auto Discovery of Topology, Inventory and Services Discovery of the network elements and the corresponding layered entities that exist within them (e.g. interfaces, forwarding components) Existing modules, ports/interfaces Existing logical entities MPLS labels Contexts/Virtual Routers Routing Tables, Forwarding Tables, VRF Tables, Label Swapping Tables Discovery of the relationships that exist between the entities in each layer (VC, VP, Ethernet MAC, PPPoA, 1483, 1Q tag) => Port (IP interface) => (1483R, Ethernet, .1Q, PPPoA, PPPoE) (Vbridge) => (Group of Interfaces) (VRF/Virtual Router) => (Group of Interfaces) Discovery of the multi-layer network topology Physical Topology ATM (PVC, SVC, SPVC) Topology Ethernet, VLANs Topology IP Topology MPLS Topology VPN Topology

SheerTMBOS (5) SheerTMBOS – Managing IP-VPN Services over Broadband Networks Network Inventory Auto-discovery MPLS IP-VPN logical inventory P and PE Global Label Forwarding Table PE Interface Specific Label Forwarding Table List of VPNs (PE) VPN Properties (PE) VPN VRF Table VPN Route Target: Import/Export VPN Router Distinguisher VPN Site list & Properties for each VPN Site Network Topology Auto-discovery Service Activation Operations Create/Delete VPN Add/Remove Site to VPN Required identification parameters: VPN identifiers, connection point, site subnets (in case of static route is used between CE-to-PE)

Wandl’s IP/MPLSview (1)
Features of Wandl’s IP/MPLSview Hardware Device Models Supported: Cisco, Juniper, Riverstone, Foundry, and generic router types. IP/MPLS-Configuration/Performance Management IP/MPLS-Network Planning VPN BGP MPLS-FRR Extensive Report Generation - Aids all aspects of planning, designing, and troubleshooting IP/MPLS Core Backbones. Flexible and friendly Graphical User Interface Fully web-enabled User Interface

IP/MPLS Network Planning with Wandl’s IP/MPLSview IP network configuration, LSP tunnel and traffic collection Delta configuration generation for MPLS TE provisioning Multi-layer, Multi-protocol modeling according to exact equipment details LSP tunnel path placement and provisioning Fast reroute (FRR) End-to-end path protection MPLS LSP path generation/network grooming Multi-period traffic load analysis Basic design from scratch Incremental design Diversity/Resiliency design Bottleneck analysis Capacity planning / traffic growth Multi-layered failure simulation and analysis What-if simulation Standard or customizable tariff databased

IP/MPLS Configuration and Performance Management Network centric operation of the MPLS traffic network Automated data collection – automatic discovery and incremental discovery Automatic discovery of network topology Web-accessible event browser tracks changes in network status Intelligent multi-vendor IP/MPLS parsing Physical and logical topology views Dynamic reconfiguration of MPLS tunnels Near real-time network monitoring: resource utilization, global network topology and traffic information display, interface/tunnel statistics, data collection via SNMP Network performance management and diagnostics History reports and historical traffic data replay Configuration and version control and archiving Configuration conformance validation Network inventory reports from SNMP polling Integrity checking

Additional Features Border Gateway Protocol (BGP) model Differentiated Services VPN Model State-of-Art Network Graphics Fully Web-enabled User Interface Wep reports Extensive report generations

DoumiMan (DiffServ-over-universal mpls internet Manager)
Experiences in the Design and Implementation of Management System for DiffServ-aware-MPLS DoumiMan (DiffServ-over-universal mpls internet Manager)

Layered Network Management in DoumiMan (DiffServ-over-universal mpls internet Manager)
Physical Layer Network MPLS IP Subnetwork & VPN

O-O Design & Implementation for Extensibility

Auto-discovery of Physical Topology Information through Telnet CLI (Command Line Interface)
Pivot router 7204_H NMS 7204_F ① show ip vrf ② no VRF related information ③ show cdp entry*, show cdp neighbors, show tag-switching tdp discovery ④ Information about Neighbors ⑤ show ip vrf ⑥ Information of VRF table ⑦ show ip route vrf vrf-name show ip protocols vrf vrf-name ⑧ Detailed information of VRF table (IP routing table on VRF, routing protocol on VRF)

Configuration Management GUI

DiffServ-aware-ELSP Connection Management

DiffServ-aware-ELSP Performance Management

MPLS Fault Managements with NMS
Service Provider Backbone (AS: 100) AS: 200 AS: 300 CE (Customer Edge) AS: 500 AS: 400 NMS/EMS PE (Provider Edge) Fault Notification (notification) Establish Backup LSP (Rerouting) Link Failure

Example of Fast Reroute in Cisco Routers

VPN GUIs

DiffServ-aware-MPLS VPN GUIs

Concluding Remarks We discussed
Framework of MPLS-based VPNs: L3VPN, L2VPN, VPLS Traffic Engineering based on DiffServ-aware-(G)MPLS Management Framework of MPLS Network, MPLS MIBs MPLS OAM for the Management of MPLS-based VPNs Commercial MPLS-VPN Management Systems: Cisco VPN Solution, SheerBOS, Wandl’s IP/MPLSview Experiences in the Management of DiffServ-aware-MPLS VPN

References [1] RFC 2764, A Framework for IP based Virtual Private Networks, February 2000. [2] IETF Internet Draft, draft-ietf-l3vpn-rfc2547bis-00.txt, BGP/MPLS IP VPNs, May 2003. [3] IETF Internet Draft, draft-ietf-l3vpn-framework-00.txt, A Framework for Layer 3 Provider Provisioned Virtual Private Networks (PPVPNs), March 2003. [4] IETF Internet Draft, draft-ietf-l3vpn-vpn-vr-00.txt, Network based IP VPN Architecture using Virtual Routers, May 2003. [5] IETF Internet Draft, draft-ietf-l2vpn-l2-framework-00.txt, L2VPN Framework, Feb [6] IETF Internet Draft, draft-ietf-l2vpn-requirements-00.txt, Service Requirements for Layer 2 Provider Provisioned Virtual Private Networks, Jan [7] IETF Internet Draft, draft-ietf-l2vpn-vpls-requirements-00.txt, Requirements for Virtual Private LAN Service (VPLS), Oct [8] IETF Draft, draft-lasserre-vkompella-ppvpn-vpls-02.txt, Virtual Private LAN Services over MPLS, June 2002. [9] RFC 3272, Overview and Principles of Internet Traffic Engineering, May 2002. [10] RFC 3564, Requirements for Support of Differentiated Services-aware MPLS Traffic Engineering, July 2003. [11] IETF Internet Draft, draft-ietf-mpls-mgmt-overview-08.txt, Multiprotocol Label Switching (MPLS) Management Overview, August 2003. [12] IETF Internet Draft, draft-ietf-mpls-te-mib-12.txt , Multiprotocol Label Switching (MPLS) Traffic Engineering Management Information Base, August 2003. [13] IETF Internet Draft, draft-ietf-mpls-tc-mib-09.txt, Definitions of Textual Conventions for Multiprotocol Label Switching (MPLS) Management, August 2003. [14] IETF Internet Draft, draft-ietf-mpls-oam-requirements-01.txt, OAM Requirements for MPLS Networks, June 2003.

[15] ITU-T Rec. Y.1710, Requirements for MPLS OAM.
[16] ITU-T Rec. Y.1711, OAM Mechanisms for MPLS Network. [17] ITU-T Rec. Y.1720, Protection Switching for MPLS Networks. [18] ITU-T Draft Rec. Y.mplsperf, MPLS Performance. [19] IETF RFC3289, Differentiated Services MIB module [20] IETF draft-ietf-snmpconf-diffpolicy-07.txt, Differentiated Services Configuration MIB. [21] IETF RFC 3512, Configuring Networks and Devices With SNMP. [22] IETF RFC 3410, "Introduction and Applicability Statements for Internet- Standard Management Framework ", [23] IETF RFC 3289 Management Information Base for the Differentiated Services Architecture", , May 2002. [24] IETF RFC3411, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", Harrington, D., Presuhn, R. and B. Wijnen, December 2002. [25] IETF draft-ietf-snmpconf-pm-13.txt, "Policy-based Management MIB", Work in Progress, Waldbusser, S., J. Saperia, and T. Hongal, March 2003. [26] IETF draft-ietf-psamp-framework-03.txt, A Framework for Passive Packet Measurement, June 2003. [27] IETF draft-ietf-psamp-sample-tech-02.txt, Sampling and Filtering Techniques for IP Packet Selection, June 2003. [28] Tanja Zseby, “Deployment of Sampling Methods for SLA Validation with Non-Intrusive Measurements,” Proceedings of Passive and Active Measurement Workshop (PAM 2002), Fort Collins, CO, USA, March 25-26, 2002. [29] IETF draft-ietf-psamp-mib-00.txt, Definitions of Managed Objects for Packet Sampling, [30] IETF draft-ietf-mpls-telink-mib-02.txt, Traffic Engineering Link Management Information Base, May 2003. [31] IETF RFC 3209, RSVP-TE: Extensions to RSVP for LSP Tunnels, December 2001.

[32] IETF RFC 3469, Framework for Multi-Protocol Label Switching (MPLS)-based Recovery, February 2003. [33] IETF draft-ietf-mpls-rsvp-lsp-fastreroute-03.txt, Fast Reroute Extensions to RSVP-TE for LSP Tunnels, [34] IETF draft-ietf-mpls-lsp-ping-03.txt, Detecting MPLS Data Plane Failures. [35] IETF draft-ietf-mpls-fastreroute-mib-01.txt, Multiprotocol Label Switching (MPLS) Traffic Engineering Management Information Base for Fast Reroute, November 2002. [36] IETF RFC 3479, Fault Tolerance for the Label Distribution Protocol (LDP), February 2003. [37] IETF RFC 2702, Requirements for Traffic Engineering Over MPLS, September 1999. [38] IETF draft-ietf-mpls-oam-requirements-01.txt, OAM Requirements for MPLS Networks, June 2003. [39] IETF RFC draft-ietf-mpls-bgp-mpls-restart-02.txt, Graceful Restart Mechanism for BGP with MPLS, October 2002. [40] IETF draft-ietf-policy-qos-device-info-model-10.txt, Information Model for Describing Network Device QoS Datapath Mechanisms, May 2003. [41] IETF draft-ietf-policy-core-schema-16.txt, Policy Core LDAP Schema, October 2002. [42] IETF RFC 3060, Policy Core Information Model -- Version 1 Specification, [43] IETC RFC 3198, Terminology for Policy-Based Management, November 2001. [44] IETF RFC 3460, Policy Core Information Model (PCIM) Extensions, January 2003. [45] IETF draft-ietf-netconf-prot-00, NETCONF Configuration Protocol, August 11, 2003. [46] IETF RFC 2925, Definitions of Managed Objects for Remote Ping, Traceroute, and Lookup Operations, September 2000. [47] IETF draft-ietf-disman-alarm-mib-14.txt, Alarm MIB, June 2003. [48] IETF draft-ietf-disman-event-mib-v2-02.txt, Event MIB, June 2003. [49] IETF draft-ietf-rmonmib-raqmon-framework-02.txt , Real-time Application Quality of Service Monitoring (RAQMON) Framework, June 2003.

[50] IETF draft-ietf-rmonmib-raqmon-pdu-02
[50] IETF draft-ietf-rmonmib-raqmon-pdu-02.txt, Real-time Application Quality of Service Monitoring (RAQMON) Protocol Data Unit (PDU), June 2003. [51] IETF draft-ietf-rmonmib-raqmon-mib-01.txt, Real-time Application Quality of Service Monitoring (RAQMON) MIB, June 2003. [52] IETF draft, Application Performance Measurement MIB draft-ietf-rmonmib-apm-mib-10.txt, August 6, 2003. [53] IETF draft-ietf-rmonmib-tpm-mib-09.txt, Transport Performance Metrics MIB, June 26, 2003. [54] IETF draft-ietf-rmonmib-sspm-mib-07.txt, Definition of Managed Objects for Synthetic Sources for Performance Monitoring Algorithms, June 2003. [55] Thomas D. Naeau, MPLS Network Management – MIBs, Tools and Techniques, Morgan Kaufmann Publishing Co., 2003. [56] NIST GMPLS Simulator – A Scalable Discrete Event Simulator for the GMPLS-based Next Generation Optical Internet, [57] MPLS Forum Super Demo 2002 – Test Plan & Results. [58] Petri Aukia et al., “RATES: A Server for MPLS Traffic Engineering,” IEEE Network Magazine, Mar./Apr [59] Wandal IP/MPLSView, [60] Differentiated Services – Network Configuration and Management (DISCMAN), EURESCOM, 2000. [61] Sheer Broadband Operating Supervisor (BOS), Sheer Networks, [62] TS Choi, SH Yoon, HS Chung, CH Kim, JS Park, BJ Lee, TS Jeong, “Wise<TE>: Traffic Engineering Server for a Large-scale MPLS-based IP Networks,” NOMS2002, April 2002.pp. 251 ~ 264.

[63] Cisco MPLS Tunnel Builder Pro, http://www. cisco
[64] Cisco VPN Solution Center 2.2, [65] Youngtak Kim, “DoumiMan (DiffServ-over-universal-MPLS Internet Manager) for Guaranteed QoS Provisioning in Next Generation Internet,” ITRC Forum 2003, June 4, 2003.

Thank You !!! Youngtak Kim, Ph.D., Associate Professor
Dept. of Information and Communication Engineering, College of Engineering, Yeungnam University (Tel: , Fax: ,

Management of MPLS-based VPNs

Similar presentations

Presentation on theme: "Management of MPLS-based VPNs"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Management of MPLS-based VPNs

Similar presentations

Presentation on theme: "Management of MPLS-based VPNs"— Presentation transcript:

Similar presentations

About project

Feedback